Frederic Hediard, Vice President of Product Marketing at Streamcore (www.streamcore.com), says:


When Data center/IT managers want to manage application delivery over a private WAN or the Internet, they first need to gain full visibility into the types of different traffic traversing the corporate network.  Only then can they gain a full understanding of how existing bandwidth is being utilized. Next, they need to assess, with input from the business units they serve, which types of traffic are most critical to serving customers well.

Subsequently, with this information, data center/IT managers can apply specific performance control, bandwidth management or even optimization (if required) over the identified business applications. Lastly, data center/IT managers need to monitor the overall performance provided to the end-users, and share this information with the business units

In order to perform all these tasks efficiently, data center/IT managers need to look for solutions providing unified visibility and control/optimization. Moreover, they must check that these solutions are able to provide visibility and control/optimization in a “cloud computing” environment: it is much more complex to monitor and optimize the performance of applications hosted by third-party service providers. Managing the performance of SaaS applications is a good example of this complexity.  Few solutions on the market can go as far as Streamcore when it comes to identifying SaaS applications on the network and applying visibility and control over them.

Deap Packet Inspection
For security reasons, HTTP-based business applications are often encrypted and exchanged over SSL (HTTPS), making traditional traffic classification processes based on TCP/UDP ports or HTTP URLs useless.

Alternatively, Streamcore has enhanced its powerful Deep Packet Inspection (DPI) engine to automatically identify and classify SSL-based WebEx, Salesforce and other public cloud computing SaaS traffic into specific classes for monitoring and prioritization. Typically, vendor products for managing SSL traffic (e.g., firewalls, application acceleration) must act as a SSL proxy to decrypt and re-encrypt the traffic. Streamcore’s SSL classification engine does not intercept or modify SSL traffic and is nonintrusive: it identifies specific signatures exchanged at the beginning of SSL sessions – when un-encrypted information is exchanged – and classify the recognized SSL sessions in classes to apply dedicated visibility and control.

Benefit for the Enterprise
Advanced HTTPS traffic classification is important for enterprises because it helps to ensure the success of implementing software-as-a-service (SaaS). As enterprises rely more heavily on interactive SaaS applications such as Salesforce, Citrix GoToMeeting, Google Apps or Microsoft Online Services, it is important that these applications run consistently at peak performance. Customer services reps and sales staff need to know that their customer collaboration applications will not run too slowly or give the customers a negative impression of the organization. 

On a typical enterprise network, SaaS applications are accessed through the corporate Internet link using the HTTPS protocol, and must compete with bandwidth intensive traffic such as recreational Web surfing, emails and software updates.  As a result, network congestion can severely degrade SaaS performance. By automatically identifying SaaS applications among the Internet traffic using HTTPS, Streamcore solutions can classify SaaS applications in a class with a high priority, and apply unique bandwidth management technology for both inbound and outbound traffic to ensure the best possible response time for the SaaS end users.

Another benefit of SaaS traffic classification is visibility: by identifying SaaS applications, Streamcore can also provide real-time monitoring and long-term reporting for both SaaS usage (data rate, number of users…) and performance (response time).